What's increasingly difficult to stomach is festering evil pervading tech industry.
Used to be somewhat focused on creating better tools to get shit done.
Now it's basically marketing Trojan horses to the public. Massive firms engaged in intentionally psychologically engineering products to maximize technological addiction and pervasive cyber stalking leveraged against consumer to ensure not one extra cent is ever left on the table.
The reality has always been dwindling returns on connectivity. IoT goons are laughably unable to communicate a coherent value proposition. Just spraying Internet dust all over the place isn't going to make anyone's lives better except those few behind the scenes leveraging marketing terms and virtue signaling to justify further ownage of the user to say nothing of creating unnecessary vectors for compromise by governments and criminal organizations the world over.
I wish vendors would cease false 2FA advertisements because the security claims are unfair and misleading to users.
Actual multifactor authentication requires two dissimilar factors... generally what you know *AND* what you have.
What everyone is doing effectively amounts to what you know *OR* what you have. The second factor adds as much security to the system as an obvious password reset question...In other words it isn't additive...it actually reduces effective security of the system.
The goal has never been security. It's getting people to stop saying "I forgot my password".
That's what they agree to when they sign up - and now he's advocating for allowing contractors to release whatever information they feel like for 'Freedom of Press' reasons?
The answer for anyone who has read TFA or even the summary is clearly NO.
Snowden is asserting espionage act is not the appropriate venue since it was intended for espionage and prevents defense from arguing mitigating circumstances. Something even defendants in a murder trial are able to do.
Sorry buddy - you're out to lunch. State secrets and classified information is needed for a country to function - otherwise you might as well just tear it apart and offer it up to whoever has the most muscle.
Your conclusions are based entirely on a false premise. Snowden openly admits what he did was wrong.
How do solicited sexual advances work? If one were to go up to someone and "solicit" such that when they make a sexual advance it is deemed "solicited" what prevents the act of soliciting itself from being construed as an unsolicited advance?
Who really sees a difference between the following phrases?
"Hey babe lets hang out" "Hey babe is it ok if I ask you to hang out?"
Is there a practical difference between "sexual advance" and "unsolicited sexual advance" or do people just throw in the word "unsolicited" so their position superficially seems more nuanced and reasonable?
Given the fact windows is a spying and advertising platform who would pay extra to use it for "work" only to be hosed by forced data exfiltration and forced updates/w shoddy QA regardless of it's other capabilities?
I mean.. when they can't even manage... to force the right version of windows out the door.. when they resort to outright lies and trickery to get their way.. when their operating systems come pre-installed with a remote access trojan and stated policy granting them the right to exfiltrate your data from your system without asking or you even knowing about it who is going to want to roll the dice?
I fail to see the point of a new file system that comes with an absurd number of limitations including lack of transactions, EFS or inability to actually boot and run the operating system that makes it worthless for any "workstation" purpose other than a generic file server.
What would in be useful for a "workstation" would be for MS to get off their asses and fix long standing deficiencies in block level software RAID implementation.... Little things like deprioritizing and rate limiting rebuilds, not concurrently regenerating multiple volumes across the same physical disks, multi-disk read and block level recovery that does not fail the whole disk, ability to add more disks to achieve arbitrary levels of redundancy or read only I/O acceleration.
I don't really want to see a new IFS at this point unless it brings something really significant to the table. At the very least it must work transparently with everything with complete feature parity, must be bootable and it must optionally be versioned.
Pushing a button that says "Like" on Facebook is disseminating something.
Sure is. It disseminates the fact U indicated you liked something.
The action is that you're publishing whatever it is for people to see.
Absolutely. It publishes the fact U indicated you liked something.
In a free society people get to troll and spew nonsense without fear of the states "fact" police catching up to them.
Free people get to call others names and make fun of them ESPECIALLY public figures who run PETA like organizations that are inherently lightning rods for controversy and disdain.
Free people get to express their undying love for whatever the hell they want including Hitler and Daesh without fear of the state leveraging its monopoly on violence to bludgeon them over the head for it.
Those who can't handle freedom are probably better off in Switzerland or North Korea.
China has double the US Emissions India's emissions are gaining.
Not bad for being the worlds factory and having 4x US population. Currently China is sitting on about half U.S. emissions on a per-capita basis.
India is sitting at an eighth on a per-capita basis. Most of the disparity is locked up in extremely poor living standards nobody reading this would themselves appreciate being subjected to.
If you want to see what climate change really looks like wait until both countries reach per-capita emissions parity with the US.
This is why even pretending to care about the environment is so important even if it only to exert weak political leverage to manage rise of unindustrialized nations for purely selfish reasons. If massive industrialized polluters demonstrate they don't give a shit it's hard to act surprised when other countries reciprocate.
The Paris deal lets countries set their own goals ('Nationally Determined Contributions') and isn't legally binding
UN has never been anything more than a forum for those with power to negotiate. UN itself inherently wields none. It has no economy or standing army. It relies entirely on hand-outs from member states.
So really the Paris Agreement is a plan made up by idealogues who want to 'save the planet'. Those ideologues want to set strict goals in the US (and the EU), affecting Western economies, while countries like India, China, and Russia set goals that do little to curb their emissions (and, of course, don't hurt their own economy)
All climate agreements can reasonably achieve is to provide a nudge in the right direction. Industry is moving on regardless of political masturbation for entirely selfish reasons.
Doesn't take much of a rocket scientist to look at chart of cost per watt of photovolatics and wind over time vs pulling hydrocarbons out of the ground to grow a clue.
In short, it's political theater that hurts the west.
Of course it's political theatre. All international agreements are.
What stands to hurt the west is the consequences of everyone else on the planet achieving the same standard of living U.S. currently enjoys by employing the same backwards means of energy production.
For all the talk about expandability and planned obsolescence = BAD I come to find out essential phone's battery is non-removable.
The wording on privacy is vague. They don't just come out and say they won't do x, y and z. Privacy policy on their website is the same boiler plate we'll do whatever we please including retroactively changing terms whenever we feel like it with no recourse machination.
Most cameras on PC's have an activity LED that's going to show up when it's active. This offers no way to bypass that LED.
Who besides yourself is talking about Google chrome cracking camera drivers or firmware to disable LEDs? Where are the Microphone LEDs? Keeping in mind microphones have been successfully exploited as proxies for key loggers.
The "red dot" has always been a "best efforts" indicator, since it's not visible to a user if they have too many tabs open
LOL "It's broke anyway"
The permission popup is non-modal so doesn't stop you accessing the page, lowering the risk of "UI fatigue" induced accepting. It's got no hot-key bound to "Accept". Escape will block the permission.
The page knows you blocked or didn't yet accept the permission and is free to do whatever it pleases with that knowledge. The only possible user friendly option is to LIE to the application.
You could argue full-screen mode is an even worse security bug, since it hides the whole address bar, including HTTPS issues.
"It's broke anyway" v.bis
All you have to do is trick the user into pressing F11. No broken HTTPS icon, no recording icon, no audio playing icon, no URL is shown.
Even for enthusiasts... Enough people are just not this stupid. For same money you can buy another NVidia Titan X, more SSDs or RAM and have something that actually stands to provide a somewhat noticeable improvement. Cost way out of line with benefit.
1. Story presents no new information 2. Fails to provide any statistically significant context to the reader 3. Cherry picks very different incidents then lumps them all into the same context. 4. Invokes good old fashioned FUD (e.g. "What if we're spreading lies, and what if we're putting people in danger by publishing what these anonymous sources tell us?" ) 5. Is a bit ridiculous on it's face. US Intelligence community lost its credibility for years to come on Feb 5th of 2003 when Colin Powell squandered his in front of the world.
Saying US intelligence has lost credibility due to "leaks" is like saying Trump lost credibility because he lost the popular vote. Both true statements and both completely irrelevant.
On second thought... we need a version that uses protocol buffers.. this would make RSS even better. You'll never know it or care but it'll be better...trust the Internet... more fragmentation for semantic bullshits sake is good for everyone.
The Kereberos *protocol* does, as far as I know, satisfy these requirements.
Can you provide any evidence of any implementation besides Microsoft's, not satisfying the requirements in a typical configuration?
The way people generally secure Kerberos is by deploying PKI (RFC4556) or using any number of widely available transport level privacy schemes. (IPsec, VPNs..etc) the very same options are widely available to shelter plaintext authentication.
The problem is challenge response authentication algorithms provided with Kerberos themselves cannot stand alone. Kerberos cannot survive brute force attack without the communications channel first being protected by a foreign source of trust that isn't a password stored in a users mind.
A good way of thinking about this is SSH. Most people are faced with a choice between being responsible and manually importing keys or just saying fuck it and taking that leap of faith first time they connect.
There is a third option that allows you to have your cake (Not having to leap) and eat it too (not having to import keys)... and that is a secure authentication protocol. Kerberos does not even pretend to provide this.
Love this our product contains malware warning message:
NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router's web GUI and configure the settings for this feature.
Nothing screams we're doing something wrong AND WE KNOW IT than cute little notes like these.
How much data is sent to Netgear before this malware can possibly be disabled?
Slashdot Mirror
What's increasingly difficult to stomach is festering evil pervading tech industry.
Used to be somewhat focused on creating better tools to get shit done.
Now it's basically marketing Trojan horses to the public. Massive firms engaged in intentionally psychologically engineering products to maximize technological addiction and pervasive cyber stalking leveraged against consumer to ensure not one extra cent is ever left on the table.
The reality has always been dwindling returns on connectivity. IoT goons are laughably unable to communicate a coherent value proposition. Just spraying Internet dust all over the place isn't going to make anyone's lives better except those few behind the scenes leveraging marketing terms and virtue signaling to justify further ownage of the user to say nothing of creating unnecessary vectors for compromise by governments and criminal organizations the world over.
The road to hell is the path of least resistance.
Her party just got creamed, why is she still she prime minister?
Censorship is unacceptable.
Seems pretty cut and dried: The head of the FBI confirms there is no investigation of Trump.
Sure as heck is an investigation of Trump now.
I wish vendors would cease false 2FA advertisements because the security claims are unfair and misleading to users.
Actual multifactor authentication requires two dissimilar factors... generally what you know *AND* what you have.
What everyone is doing effectively amounts to what you know *OR* what you have. The second factor adds as much security to the system as an obvious password reset question...In other words it isn't additive...it actually reduces effective security of the system.
The goal has never been security. It's getting people to stop saying "I forgot my password".
Dear fellow Americans,
COVFEFE
http://cdn.deseretnews.com/ima...
That's what they agree to when they sign up - and now he's advocating for allowing contractors to release whatever information they feel like for 'Freedom of Press' reasons?
The answer for anyone who has read TFA or even the summary is clearly NO.
Snowden is asserting espionage act is not the appropriate venue since it was intended for espionage and prevents defense from arguing mitigating circumstances. Something even defendants in a murder trial are able to do.
Sorry buddy - you're out to lunch. State secrets and classified information is needed for a country to function - otherwise you might as well just tear it apart and offer it up to whoever has the most muscle.
Your conclusions are based entirely on a false premise. Snowden openly admits what he did was wrong.
How do solicited sexual advances work? If one were to go up to someone and "solicit" such that when they make a sexual advance it is deemed "solicited" what prevents the act of soliciting itself from being construed as an unsolicited advance?
Who really sees a difference between the following phrases?
"Hey babe lets hang out"
"Hey babe is it ok if I ask you to hang out?"
Is there a practical difference between "sexual advance" and "unsolicited sexual advance" or do people just throw in the word "unsolicited" so their position superficially seems more nuanced and reasonable?
Given the fact windows is a spying and advertising platform who would pay extra to use it for "work" only to be hosed by forced data exfiltration and forced updates /w shoddy QA regardless of it's other capabilities?
I mean.. when they can't even manage... to force the right version of windows out the door.. when they resort to outright lies and trickery to get their way.. when their operating systems come pre-installed with a remote access trojan and stated policy granting them the right to exfiltrate your data from your system without asking or you even knowing about it who is going to want to roll the dice?
I fail to see the point of a new file system that comes with an absurd number of limitations including lack of transactions, EFS or inability to actually boot and run the operating system that makes it worthless for any "workstation" purpose other than a generic file server.
What would in be useful for a "workstation" would be for MS to get off their asses and fix long standing deficiencies in block level software RAID implementation.... Little things like deprioritizing and rate limiting rebuilds, not concurrently regenerating multiple volumes across the same physical disks, multi-disk read and block level recovery that does not fail the whole disk, ability to add more disks to achieve arbitrary levels of redundancy or read only I/O acceleration.
I don't really want to see a new IFS at this point unless it brings something really significant to the table. At the very least it must work transparently with everything with complete feature parity, must be bootable and it must optionally be versioned.
I wish some comic would make a cartoon of them lighting each others pants on fire.
?), tell the project owner you're out of work, pick something from the backlog that looks appealing, play warcraft, or what?
https://www.youtube.com/watch?...
Pushing a button that says "Like" on Facebook is disseminating something.
Sure is. It disseminates the fact U indicated you liked something.
The action is that you're publishing whatever it is for people to see.
Absolutely. It publishes the fact U indicated you liked something.
In a free society people get to troll and spew nonsense without fear of the states "fact" police catching up to them.
Free people get to call others names and make fun of them ESPECIALLY public figures who run PETA like organizations that are inherently lightning rods for controversy and disdain.
Free people get to express their undying love for whatever the hell they want including Hitler and Daesh without fear of the state leveraging its monopoly on violence to bludgeon them over the head for it.
Those who can't handle freedom are probably better off in Switzerland or North Korea.
I'm sorry, but this web site is for English speakers. If you'd like to try again to write a comment in English, I'd be happy to respond.
I gathered we were not speaking the same language when you asserted liking nonsense is the same as spreading it.
Personally, I like the ruling. Slander is slander. Spreading false bullshit should be a punishable civil offense in the US, too.
Your most welcome to leave for Switzerland or North Korea at the soonest possible opportunity.
China has double the US Emissions
India's emissions are gaining.
Not bad for being the worlds factory and having 4x US population. Currently China is sitting on about half U.S. emissions on a per-capita basis.
India is sitting at an eighth on a per-capita basis. Most of the disparity is locked up in extremely poor living standards nobody reading this would themselves appreciate being subjected to.
If you want to see what climate change really looks like wait until both countries reach per-capita emissions parity with the US.
This is why even pretending to care about the environment is so important even if it only to exert weak political leverage to manage rise of unindustrialized nations for purely selfish reasons. If massive industrialized polluters demonstrate they don't give a shit it's hard to act surprised when other countries reciprocate.
The Paris deal lets countries set their own goals ('Nationally Determined Contributions') and isn't legally binding
UN has never been anything more than a forum for those with power to negotiate. UN itself inherently wields none. It has no economy or standing army. It relies entirely on hand-outs from member states.
So really the Paris Agreement is a plan made up by idealogues who want to 'save the planet'. Those ideologues want to set strict goals in the US (and the EU), affecting Western economies, while countries like India, China, and Russia set goals that do little to curb their emissions (and, of course, don't hurt their own economy)
All climate agreements can reasonably achieve is to provide a nudge in the right direction. Industry is moving on regardless of political masturbation for entirely selfish reasons.
Doesn't take much of a rocket scientist to look at chart of cost per watt of photovolatics and wind over time vs pulling hydrocarbons out of the ground to grow a clue.
In short, it's political theater that hurts the west.
Of course it's political theatre. All international agreements are.
What stands to hurt the west is the consequences of everyone else on the planet achieving the same standard of living U.S. currently enjoys by employing the same backwards means of energy production.
For all the talk about expandability and planned obsolescence = BAD I come to find out essential phone's battery is non-removable.
The wording on privacy is vague. They don't just come out and say they won't do x, y and z. Privacy policy on their website is the same boiler plate we'll do whatever we please including retroactively changing terms whenever we feel like it with no recourse machination.
Because the user still has to explicitly grant permission for mic/camera access first. There is no unauthorized recording, so no security breach.
Perpetual grant from a domain that need not match domain of site user is actually visiting.
It's only impacting Chrome on a PC, not Android.
So only hundreds of millions of users. No biggie.
Most cameras on PC's have an activity LED that's going to show up when it's active. This offers no way to bypass that LED.
Who besides yourself is talking about Google chrome cracking camera drivers or firmware to disable LEDs? Where are the Microphone LEDs? Keeping in mind microphones have been successfully exploited as proxies for key loggers.
The "red dot" has always been a "best efforts" indicator, since it's not visible to a user if they have too many tabs open
LOL "It's broke anyway"
The permission popup is non-modal so doesn't stop you accessing the page, lowering the risk of "UI fatigue" induced accepting. It's got no hot-key bound to "Accept". Escape will block the permission.
The page knows you blocked or didn't yet accept the permission and is free to do whatever it pleases with that knowledge. The only possible user friendly option is to LIE to the application.
You could argue full-screen mode is an even worse security bug, since it hides the whole address bar, including HTTPS issues.
"It's broke anyway" v.bis
All you have to do is trick the user into pressing F11. No broken HTTPS icon, no recording icon, no audio playing icon, no URL is shown.
x3
CPUs @ $999 - $1,999 = DOA, way too expensive.
Even for enthusiasts... Enough people are just not this stupid. For same money you can buy another NVidia Titan X, more SSDs or RAM and have something that actually stands to provide a somewhat noticeable improvement. Cost way out of line with benefit.
1. Story presents no new information
2. Fails to provide any statistically significant context to the reader
3. Cherry picks very different incidents then lumps them all into the same context.
4. Invokes good old fashioned FUD (e.g. "What if we're spreading lies, and what if we're putting people in danger by publishing what these anonymous sources tell us?" )
5. Is a bit ridiculous on it's face. US Intelligence community lost its credibility for years to come on Feb 5th of 2003 when Colin Powell squandered his in front of the world.
Saying US intelligence has lost credibility due to "leaks" is like saying Trump lost credibility because he lost the popular vote. Both true statements and both completely irrelevant.
On second thought... we need a version that uses protocol buffers.. this would make RSS even better. You'll never know it or care but it'll be better...trust the Internet... more fragmentation for semantic bullshits sake is good for everyone.
The Kereberos *protocol* does, as far as I know, satisfy these requirements.
Can you provide any evidence of any implementation besides Microsoft's, not satisfying the requirements in a typical configuration?
The way people generally secure Kerberos is by deploying PKI (RFC4556) or using any number of widely available transport level privacy schemes. (IPsec, VPNs..etc) the very same options are widely available to shelter plaintext authentication.
The problem is challenge response authentication algorithms provided with Kerberos themselves cannot stand alone. Kerberos cannot survive brute force attack without the communications channel first being protected by a foreign source of trust that isn't a password stored in a users mind.
A good way of thinking about this is SSH. Most people are faced with a choice between being responsible and manually importing keys or just saying fuck it and taking that leap of faith first time they connect.
There is a third option that allows you to have your cake (Not having to leap) and eat it too (not having to import keys) ... and that is a secure authentication protocol. Kerberos does not even pretend to provide this.
Love this our product contains malware warning message:
NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router's web GUI and configure the settings for this feature.
Nothing screams we're doing something wrong AND WE KNOW IT than cute little notes like these.
How much data is sent to Netgear before this malware can possibly be disabled?